Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/3231372e32352e31302e302f32342d3234203d3e20343032333639.roa
File: 3231372e32352e31302e302f32342d3234203d3e20343032333639.roa (raw, json)
Hash identifier: tt8K++HA2G+c3OYgrEct+y28lctmG7NnuvtsSouwvpY=
Subject key identifier: 3E:21:36:D4:46:FC:FF:EB:DC:CC:1A:6F:44:BC:57:7F:A1:FD:F1:94
Certificate issuer: /CN=22bfd4e021547d030ac10b0213535d4c6968eede
Certificate serial: 7836619CDAAE6A839E5BD7BE0360ED749B69BC02
Authority key identifier: 22:BF:D4:E0:21:54:7D:03:0A:C1:0B:02:13:53:5D:4C:69:68:EE:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ir_U4CFUfQMKwQsCE1NdTGlo7t4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/3231372e32352e31302e302f32342d3234203d3e20343032333639.roa
Signing time: Fri 08 May 2026 12:57:40 +0000
ROA not before: Fri 08 May 2026 12:52:40 +0000
ROA not after: Fri 07 May 2027 12:57:40 +0000
asID: 402369
IP address blocks: 217.25.10.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/22BFD4E021547D030AC10B0213535D4C6968EEDE.crl
rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/22BFD4E021547D030AC10B0213535D4C6968EEDE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ir_U4CFUfQMKwQsCE1NdTGlo7t4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 20:14:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:36:61:9c:da:ae:6a:83:9e:5b:d7:be:03:60:ed:74:9b:69:bc:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22bfd4e021547d030ac10b0213535d4c6968eede
Validity
Not Before: May 8 12:52:40 2026 GMT
Not After : May 7 12:57:40 2027 GMT
Subject: CN=3E2136D446FCFFEBDCCC1A6F44BC577FA1FDF194
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:c4:04:4e:4f:ad:1f:a5:51:8c:56:a7:c8:5a:
e9:24:81:89:8e:a4:3c:04:a3:b1:56:7b:0f:28:b6:
48:c0:3d:ae:92:8c:ee:19:0d:f7:49:ce:0a:ac:df:
28:8d:f4:b8:f7:84:ce:6b:3c:d0:ee:a4:40:15:b2:
76:0f:ab:85:c9:55:25:69:e7:b6:37:4a:3c:39:a7:
ca:ce:b8:79:5b:f1:14:ef:b7:4f:9f:1d:6d:19:cb:
99:45:b5:03:89:31:6e:0f:57:6a:d0:d8:9b:d3:65:
bd:61:28:05:a6:fa:8a:d7:be:ad:1e:84:b2:8a:c0:
59:3b:07:06:12:7e:1f:08:3b:30:56:14:be:95:b7:
e7:0b:66:e2:e8:65:ca:38:d6:82:7d:19:f0:17:b0:
d8:7b:26:26:36:1c:93:19:59:64:cc:4f:5c:2b:11:
25:07:b4:cc:97:34:b4:34:15:28:7a:b8:8f:4d:de:
b8:98:1e:a7:5c:ce:01:fd:d9:4f:2a:09:51:b5:66:
72:72:94:9c:91:ad:f7:f4:47:63:8d:9c:ec:f1:a1:
df:db:a5:1d:e1:8c:08:44:7c:a9:ed:6f:a6:ae:e8:
70:e1:13:5b:b6:a1:56:9b:0d:55:54:cc:2a:2e:c1:
c0:06:5c:4c:f3:0c:23:a8:15:f1:47:ef:cf:b9:ab:
4c:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:21:36:D4:46:FC:FF:EB:DC:CC:1A:6F:44:BC:57:7F:A1:FD:F1:94
X509v3 Authority Key Identifier:
keyid:22:BF:D4:E0:21:54:7D:03:0A:C1:0B:02:13:53:5D:4C:69:68:EE:DE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/22BFD4E021547D030AC10B0213535D4C6968EEDE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ir_U4CFUfQMKwQsCE1NdTGlo7t4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/3231372e32352e31302e302f32342d3234203d3e20343032333639.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.25.10.0/24
Signature Algorithm: sha256WithRSAEncryption
03:2e:59:71:81:a2:e9:b5:c4:9b:d8:d8:30:cb:d0:63:73:4e:
fa:0a:dc:74:2e:79:d8:f6:d9:ac:8d:40:4b:54:ff:8c:61:fc:
3d:70:67:da:36:1a:2d:23:b4:e5:8e:0a:d0:e5:91:46:c2:b1:
d2:0c:34:e0:17:43:14:20:2e:07:d2:ef:ff:10:7a:e0:29:70:
3d:6a:c0:b1:e7:48:5a:c6:84:68:09:b7:a2:cc:72:b7:75:9a:
87:91:6f:56:e0:09:7b:93:43:e9:6a:15:c0:63:45:55:32:7e:
2d:62:71:f1:5d:a9:a1:01:7b:ed:bb:21:15:6f:d0:4c:ce:2e:
c2:12:93:78:a7:30:2c:64:c5:b5:60:0d:d1:67:e3:09:1e:48:
bd:ea:03:0c:f2:5d:b8:2c:56:60:96:70:26:80:4a:99:13:9c:
e3:6a:38:04:f7:9b:4b:b7:ca:00:a0:64:b8:37:89:f0:3b:e3:
f3:2c:8a:d1:93:d1:f0:9c:5f:96:bd:87:41:23:52:cc:6c:01:
56:c8:ac:95:07:ac:62:5d:6a:d9:a5:8e:f0:93:76:d6:05:31:
1d:7f:74:b2:6c:a9:d6:5b:e8:75:15:48:5a:47:a4:ad:da:14:
c6:e6:3c:d0:2d:1e:2e:c3:a3:22:d0:5a:e7:89:0e:c2:49:28:
f2:59:8b:ee
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUeDZhnNquaoOeW9e+A2DtdJtpvAIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjJiZmQ0ZTAyMTU0N2QwMzBhYzEwYjAyMTM1MzVkNGM2
OTY4ZWVkZTAeFw0yNjA1MDgxMjUyNDBaFw0yNzA1MDcxMjU3NDBaMDMxMTAvBgNV
BAMTKDNFMjEzNkQ0NDZGQ0ZGRUJEQ0NDMUE2RjQ0QkM1NzdGQTFGREYxOTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgxAROT60fpVGMVqfIWukkgYmO
pDwEo7FWew8otkjAPa6SjO4ZDfdJzgqs3yiN9Lj3hM5rPNDupEAVsnYPq4XJVSVp
57Y3Sjw5p8rOuHlb8RTvt0+fHW0Zy5lFtQOJMW4PV2rQ2JvTZb1hKAWm+orXvq0e
hLKKwFk7BwYSfh8IOzBWFL6Vt+cLZuLoZco41oJ9GfAXsNh7JiY2HJMZWWTMT1wr
ESUHtMyXNLQ0FSh6uI9N3riYHqdczgH92U8qCVG1ZnJylJyRrff0R2ONnOzxod/b
pR3hjAhEfKntb6au6HDhE1u2oVabDVVUzCouwcAGXEzzDCOoFfFH78+5q0ypAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUPiE21Eb8/+vczBpvRLxXf6H98ZQwHwYDVR0j
BBgwFoAUIr/U4CFUfQMKwQsCE1NdTGlo7t4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNhYWNkMTctYmY5ZC00N2RiLTg2NGQtZjljN2MyYmUx
ODNhLzAvMjJCRkQ0RTAyMTU0N0QwMzBBQzEwQjAyMTM1MzVENEM2OTY4RUVERS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lyX1U0Q0ZVZlFNS3dRc0NFMU5kVEds
bzd0NC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjNhYWNkMTct
YmY5ZC00N2RiLTg2NGQtZjljN2MyYmUxODNhLzAvMzIzMTM3MmUzMjM1MmUzMTMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzMDMyMzMzNjM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
2RkKMA0GCSqGSIb3DQEBCwUAA4IBAQADLllxgaLptcSb2Ngwy9Bjc076Ctx0LnnY
9tmsjUBLVP+MYfw9cGfaNhotI7TljgrQ5ZFGwrHSDDTgF0MUIC4H0u//EHrgKXA9
asCx50haxoRoCbeizHK3dZqHkW9W4Al7k0PpahXAY0VVMn4tYnHxXamhAXvtuyEV
b9BMzi7CEpN4pzAsZMW1YA3RZ+MJHki96gMM8l24LFZglnAmgEqZE5zjajgE95tL
t8oAoGS4N4nwO+PzLIrRk9HwnF+WvYdBI1LMbAFWyKyVB6xiXWrZpY7wk3bWBTEd
f3SybKnWW+h1FUhaR6St2hTG5jzQLR4uw6Mi0FrniQ7CSSjyWYvu
-----END CERTIFICATE-----
Generated at Wed May 13 12:41:11 2026 by rpki-client